APNIC Home

Multifactor Authentication (MFA)

What is multifactor authentication?

Multifactor authentication (MFA) is a security mechanism that adds extra layers of protection to MyAPNIC. It uses Time-based One-Time Passwords (TOTP) and push notifications when you sign in with MFA enabled. You will be required to enter a six-digit security code generated by an authenticator application in addition to your password. This ensures that even if someone knows your password, they cannot log in without the correct security code.

When you enter your six-digit security code, you will have the option to remember your device. If selected, MFA will remain valid for that device for 30 days. MFA is now mandatory for all users.

You can choose one of the available security methods and set-up whichever is most convenience to you:

  • Okta Verify – Use push notifications or a one-time code generated by the Okta Verify app to authenticate.
  • Google Authenticator – Use a one-time code generated by the Google Authenticator app to authenticate.
  • Other Authenticators – Use another authenticator app of your choice, such as Microsoft Authenticator, FreeOTP, Authy, or Duo Mobile.

Multifactor authentication is required to perform certain privileged functions within MyAPNIC such as:·

If you run into any issues, please contact the APNIC Helpdesk.

How do I enable multifactor authentication?

Before you enable multifactor authentication in MyAPNIC, you need to install an application that supports TOTP in your smartphone or tablet. Any application that supports TOTP can be used for multi-factor authentication. Here are some apps you could install:

If you want to install the Google Authenticator application in your smartphone or tablet, please visit the Google Play Store for Android devices, or the App Store for iPhone, iPod Touch, or iPad devices.

Please visit the Windows Phone Store to install the Authenticator application for Windows devices.

Once you have installed the authenticator application, log in to your MyAPNIC account and follow the steps below:

  1. Go to: My Profile (top right icon) -> Passwords & Security -> Multifactor Authentication
  2. Choose one of the verification methods and set up whichever is most convenience for you.
  3. Start your Authenticator app and scan the QR code displayed or manually enter the ‘Secret code’. Your app will then generate a six-digit security code.
  4. Enter your six-digit security code and click on confirm, then log out of MyAPNIC to complete the setup.

mfa0

For more information, please see the Help Centre article for Multifactor Authentication (MFA).

What if I can’t generate a security code?

If you cannot login to MyAPNIC because you changed your mobile device and cannot generate your security code, please contact the APNIC Helpdesk.

What if I don’t have or want to use a smartphone?

A smartphone with an authenticator app makes it very easy to use multifactor authentication, but in principle you can use any application that is capable of generating TOTP.

Given below are two applications which do not require smartphones:

1. OATH Toolkit

The OATH Toolkit allows you to generate security codes from the command line. Please note, this software is for Linux.Unix. The man page will give you details on how to use the application.

2. OTP Manager

The OTP Manager is a simple application for managing One Time Password (OTP) tokens. It is also available for OS X. For more information on OPT Manager, please read the documentation.

Can I disable multifactor authentication after enabling it?

You can remove any of your authentication factors by logging into MyAPNIC:

My Profile (top right icon) -> Passwords & Security -> Multifactor Authentication

Please select the authentication factor you want to remove and click on “Remove”.

mfa-remove

If you run into any issues, please contact the APNIC Helpdesk.